www.mybetterbenefits.org Open in urlscan Pro
192.124.249.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rares.work/
Effective URL:
https://www.mybetterbenefits.org/membership.htm
Submission: On June 08 via api (June 8th 2023, 3:13:04 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 192.124.249.106, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.mybetterbenefits.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 4th 2023. Valid for: a year.

This is the only time www.mybetterbenefits.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.142.173 15.197.142.173	16509 (AMAZON-02) (AMAZON-02)
11	192.124.249.106 192.124.249.106	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
14	3

1 15.197.142.173 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

rares.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.124.249.106 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10106.sucuri.net

www.mybetterbenefits.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	mybetterbenefits.org www.mybetterbenefits.org	158 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
1	rares.work 1 redirects rares.work	317 B
14	3

	Domain	Requested by
11	www.mybetterbenefits.org	www.mybetterbenefits.org
2	www.google-analytics.com	www.mybetterbenefits.org www.google-analytics.com
1	rares.work	1 redirects
14	3

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.guidestar.org
mbb.benefithub.com

Subject Issuer	Validity	Valid
mybetterbenefits.org Go Daddy Secure Certificate Authority - G2	`2023-03-04` - `2024-03-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.mybetterbenefits.org/membership.htm
Frame ID: 5D258D65F348413D913E0F518B85D8D6
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The my Better Benefits employee savings program with over 3,500 discounts on travel, amusement parks, car rentals, clothing, electronics, movies, car washes, restaurants, food, sporting events, and more.

Page URL History Show full URLs

http://rares.work/ HTTP 301
https://www.mybetterbenefits.org/membership.htm Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

14
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

178 kB
Transfer

328 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/mBB_Org

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mybetterbenefits

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betterbenefitsclub/

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/47-2356623

Search URL Search Domain Scan URL

URL: https://mbb.benefithub.com/
Title: Cash Back Rewards Program

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rares.work/ HTTP 301
https://www.mybetterbenefits.org/membership.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request membership.htm Show response
www.mybetterbenefits.org/
Redirect Chain

http://rares.work/
https://www.mybetterbenefits.org/membership.htm

150 KB
27 KB

1045ms
994ms

Document
text/html

192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

0dd7ec0dbe2ee8aca79ad70fb09eb335afeec04855f2d021a7a6ffa6be89a25d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 27173
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Thu, 08 Jun 2023 03:12:59 GMT
etag: "0796866da84d91:0"
last-modified: Fri, 12 May 2023 14:02:34 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by-plesk: PleskWin
x-sucuri-cache: BYPASS
x-sucuri-id: 15006
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 82
Content-Type: text/html; charset=utf-8
Date: Thu, 08 Jun 2023 03:12:58 GMT
Location: https://www.mybetterbenefits.org/membership.htm
Server: ip-100-74-3-23.eu-west-2.compute.internal
X-Request-Id: 3a3c637e-5e6b-401b-9c63-6af8fb20876b

GET style.css
www.mybetterbenefits.org/MBB2/ 0
0

GET
H2 200 mBBlogoNEW%20250x138.jpg
www.mybetterbenefits.org/Newsletterpicsnew3/ 24 KB
25 KB 8ms
8ms Image
image/jpeg 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Newsletterpicsnew3/mBBlogoNEW%20250x138.jpg

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

817759992365bc6fd74f6f584f98d12ff2ef80d1dd8a7221d7081bcbf5d0e3c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 24928
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Fri, 05 Mar 2021 19:20:08 GMT
server: nginx
etag: "0a4d58df411d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter100.gif
www.mybetterbenefits.org/newsletterpics/ 2 KB
3 KB 14ms
12ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/newsletterpics/twitter100.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

9ddbcede1e91d1be599f979ec8e5893e7fe519d9210bf8276f6687eb5c4d7511

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 2307
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Fri, 04 Oct 2019 15:07:19 GMT
server: nginx
etag: "806d6d6ac57ad51:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook100.gif
www.mybetterbenefits.org/newsletterpics/ 5 KB
5 KB 21ms
19ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/newsletterpics/facebook100.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

4ffdd774f247a5dbcdc7a2cac99491a9ca3bf51f0330432b1a14237b32dbdedf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 5108
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Fri, 04 Oct 2019 15:14:39 GMT
server: nginx
etag: "8019b070c67ad51:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Instagramverysmall.jpg
www.mybetterbenefits.org/Newsletterpicsnew3/ 14 KB
15 KB 22ms
20ms Image
image/jpeg 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Newsletterpicsnew3/Instagramverysmall.jpg

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

6668c90c9695aaec6d3907873530caece84eb98d470d0bebb05a8e6c7943c77a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 14652
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Sat, 09 Jan 2021 12:57:26 GMT
server: nginx
etag: "03fb2fa86e6d61:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 searchimageverysmall.gif
www.mybetterbenefits.org/Pics%20for%20Web/BetterBenefitsClub/ 3 KB
3 KB 22ms
21ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Pics%20for%20Web/BetterBenefitsClub/searchimageverysmall.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

5d2ee03a2e29689db720a38c0af46ddfbfeeaa9545c7e71a9959e04c820e2ab4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 3126
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Fri, 11 Nov 2016 13:21:00 GMT
server: nginx
etag: "d631d1711e3cd21:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 newslettersubscribesmallgreyborder.gif
www.mybetterbenefits.org/Pics%20for%20Web/BetterBenefitsClub/ 6 KB
6 KB 23ms
21ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Pics%20for%20Web/BetterBenefitsClub/newslettersubscribesmallgreyborder.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

4e3b52864c0303577438295896dba4801f98251459816b8d3793bfbae549e55e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 5827
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Sat, 14 Feb 2015 16:45:06 GMT
server: nginx
etag: "90ad65967548d01:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bestofrochester2020.jpg
www.mybetterbenefits.org/Newsletterpicsnew3/ 49 KB
50 KB 13ms
12ms Image
image/jpeg 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Newsletterpicsnew3/bestofrochester2020.jpg

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

4588636f31d441c1dfc277323d0aa355e47e2c30753483ba2a7b9c52353c6627

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 50637
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 18 Apr 2021 20:31:36 GMT
server: nginx
etag: "084dbd39134d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 guidestargoldseal.gif
www.mybetterbenefits.org/newsletterpics/ 19 KB
20 KB 17ms
16ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/newsletterpics/guidestargoldseal.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

fd6e391552c4831f7f4308cda140e6d44ea8a9aeffc65be17bade5533eb1c89b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 19669
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Sat, 15 Jun 2019 12:58:08 GMT
server: nginx
etag: "0709efa7923d51:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 checkmark.gif
www.mybetterbenefits.org/Pics%20for%20Web/BetterBenefitsClub/ 1 KB
2 KB 17ms
16ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Pics%20for%20Web/BetterBenefitsClub/checkmark.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

ccb4c377c8057c8ea1dd7080e189fe64a6dcfcee533de7c4a2200c22feed3d9e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 1285
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Mon, 15 Dec 2014 11:45:12 GMT
server: nginx
etag: "257cfc955c18d01:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GoDaddyCertification.gif
www.mybetterbenefits.org/Pics%20for%20Web/MBB/ 3 KB
3 KB 17ms
16ms Image
image/gif 192.124.249.106
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mybetterbenefits.org/Pics%20for%20Web/MBB/GoDaddyCertification.gif

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.106 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10106.sucuri.net

Software

nginx /

Resource Hash

cf56d0b122085e7e17debbf93e36cd69fc9d97acb8981bfa44dc02a37a616ea3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/membership.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:59 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 2578
x-xss-protection: 1; mode=block
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Jan 2018 20:21:38 GMT
server: nginx
etag: "e6a42b9a7598d31:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 15006
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/membership.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mybetterbenefits.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 03:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 492
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 08 Jun 2023 05:04:48 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 45ms
45ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1203717670&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mybetterbenefits.org%2Fmembership.htm&ul=en-us&de=windows-1252&dt=The%20my%20Better%20Benefits%20employee%20savings%20program%20with%20over%203%2C500%20discounts%20on%20travel%2C%20amusement%20parks%2C%20car%20rentals%2C%20clothing%2C%20electronics%2C%20movies%2C%20car%20washes%2C%20restaurants%2C%20food%2C%20sporting%20events%2C%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=785045624&gjid=356362488&cid=21466115.1686193980&tid=UA-62488506-1&_gid=1437248091.1686193980&_r=1&_slc=1&z=1895334540

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mybetterbenefits.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 03:13:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mybetterbenefits.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.mybetterbenefits.org
URL: https://www.mybetterbenefits.org/MBB2/style.css

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mybetterbenefits.org/	1970-01-20 21:59:13	Name: _ga Value: GA1.2.21466115.1686193980
.mybetterbenefits.org/	1970-01-20 12:24:40	Name: _gid Value: GA1.2.1437248091.1686193980
.mybetterbenefits.org/	1970-01-20 12:23:14	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.mybetterbenefits.org/membership.htm Message: Refused to apply style from 'https://www.mybetterbenefits.org/MBB2/style.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rares.work
www.google-analytics.com
www.mybetterbenefits.org
www.mybetterbenefits.org
15.197.142.173
192.124.249.106
2a00:1450:4001:803::200e
0dd7ec0dbe2ee8aca79ad70fb09eb335afeec04855f2d021a7a6ffa6be89a25d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
4588636f31d441c1dfc277323d0aa355e47e2c30753483ba2a7b9c52353c6627
4e3b52864c0303577438295896dba4801f98251459816b8d3793bfbae549e55e
4ffdd774f247a5dbcdc7a2cac99491a9ca3bf51f0330432b1a14237b32dbdedf
5d2ee03a2e29689db720a38c0af46ddfbfeeaa9545c7e71a9959e04c820e2ab4
6668c90c9695aaec6d3907873530caece84eb98d470d0bebb05a8e6c7943c77a
817759992365bc6fd74f6f584f98d12ff2ef80d1dd8a7221d7081bcbf5d0e3c9
9ddbcede1e91d1be599f979ec8e5893e7fe519d9210bf8276f6687eb5c4d7511
ccb4c377c8057c8ea1dd7080e189fe64a6dcfcee533de7c4a2200c22feed3d9e
cf56d0b122085e7e17debbf93e36cd69fc9d97acb8981bfa44dc02a37a616ea3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
fd6e391552c4831f7f4308cda140e6d44ea8a9aeffc65be17bade5533eb1c89b

www.mybetterbenefits.org Open in urlscan Pro 192.124.249.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

178 kBTransfer

328 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

www.mybetterbenefits.org Open in urlscan Pro
192.124.249.106 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

178 kB
Transfer

328 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions